<?php
/*---------------------一、PHP文件引用----------------------------------*/
require_once 'response.php';
require_once 'connect_config.php';
require('../config.php');
require_once($CFG->libdir .'/moodlelib.php');

/*---------------------二、变量参数定义-------------------------------*/
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$identity = $_POST['identity'];
$show = $_POST['show'];
$token = $_POST['token'];
$fasthash = array('cost'=>4);
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
if(!$show)//我的网页端是用curl传值，是POST方法获取，如果用URL传值，就用GET方法获取；两种情况都写了
{
	$username = $_GET['username'];
	$password = $_GET['password'];	
	$email = $_GET['email'];
	$identity = $_GET['identity'];
	$show = $_GET['show'];//show有两个值，选择1是登陆，选择2是注册（这里考虑前台页面是注册和登陆放在一起的）
	$token = $_GET['token'];
	$firstname = $_GET['firstname'];
	$lastname = $_GET['lastname'];
}
$status = false;
$msg = '';
$data = array();
$ignorelockout=false;
$failurereason=null;
$check = new stdClass();
/*测试数据
$username = 'student100;
$password = '*Student100';
$email = 'oys@163.com';
*/

/*---------------------三、数据库连接--------------------------------*/
$conn = mysqli_connect(DB_HOST,DB_USER,DB_PWD,DB_NAME,DB_PORT) or die('数据库连接失败');

/*---------------------四、用户登录检测-------------------------------*/
if($show == 1){
    //用户登录
    if($username || $password){
        //以用户名密码登录
        $check = authenticate_user_login($username,$password, $ignorelockout, $failurereason);
        if($check == false){
            //验证用户名密码失败
            $status = false;
			$msg = $failurereason;
//			echo"failureason is".$failurereason."<br>";
			echo Response::json($status,$msg,$data);
        }else{
            //通过验证
            $status = true;
            $msg = 'success';				
            $id = $check->id;
            $query = "select * from mdl_token";
            $data1 = mysqli_query($conn, $query);         
            
            while($row = mysqli_fetch_array($data1))//检查是否已经生成过token。若有，则直接返回token，结束；没有，则执行下面的生成token步骤
            {
                if($row['user_id'] == $id){
                    $token = $row['token'];	
                    $data[0]['token']=$token;
                    echo Response::json($status,$msg,$data);
                    break;
                }
            }
               
            if($token == ''){
                $time = time();
                $token = md5($id.$time);
                $query = "insert into mdl_token (user_id,token) values ('$id','$token')";
                $result = mysqli_query($conn, $query);
                $status = true;
                $msg = 'success';
                $data[0]['token']=$token;
                echo Response::json($status,$msg,$data);
            }
            
        }
    }else if($token){
        //以token登录
        $query = "select * from mdl_token";
		$data1= mysqli_query($conn, $query);
		while($row = mysqli_fetch_array($data1))
		{
			if($row['token'] == $token)
			{
				$check = true;
				break;
			}
			$check = false;
		}
		if($check == false){
			$status = false;
			$msg = 'tokenloginfailed!<br>';
			$data[0]['token']=$token;
			echo Response::json($status,$msg,$data);
		}
		else{
			$status = true;
			$msg = 'tokenloginsuccess!<br>';
			echo Response::json($status,$msg,$data);
		}
    }
    
}else if($show==2){
	//用户注册
	$confirmed =1;
	$mnethostid = 1;
	$password1 = password_hash($password,PASSWORD_DEFAULT,$fasthash);//用最简单的方式生成可以被认证成功的密码
//	echo "<br>".$password1."<br>";
	$query = "insert into mdl_user (username,password,email,firstname,lastname,confirmed,mnethostid) values ('$username','$password1','$email','$firstname','$lastname','$confirmed','$mnethostid')";
	$result = mysqli_query($conn, $query);
	$data = mysqli_fetch_array($result);
	$msg = mysqli_errno($conn);
	if($msg==0)
	{
		$status = true;
		$data[0]['username']=$username;
		$data[0]['password']=$password;
		echo Response::json($status,$msg,$data);
	}
	else
	{
		$status = false;
		$data[0]['username']=$username;
		$data[0]['password']=$password;
		echo Response::json($status,$msg,$data);
	}
	
}else{
	//未知错误
  	$status = false;
	$msg = "unknown failure!";
	echo Response::json($status,$msg,$data);
}

?>
